There is always the risk of an attacker infiltrating the company to write vulner... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		kccqzy on Dec 24, 2022 \| parent \| context \| favorite \| on: The situation at LastPass may be worse than they a... There is always the risk of an attacker infiltrating the company to write vulnerabilities or a government forcing the cloud provider to write malicious code in order to degrade security. That's what the U.S. government almost succeeded at forcing Apple to do in the wake of the San Bernardino case. A local vault is better than a cloud vault, but if that local vault software is written by a commercial company there's still that risk.

maccard on Dec 24, 2022 [–]

> A local vault is better than a cloud vault, but if that local vault software is written by a commercial company there's still that risk.

Depending on your device and platform there's still "that risk" even if its open source. If you're compromised, you're compromised.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact